class FtpTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_login(self): """Testing different login combinations""" options = {'enabled': 'True', 'port': 0, 'banner': 'Test Banner', 'users': {'test': 'test'}, 'protocol_specific_data': {'max_attempts': 3, 'banner': 'test banner', 'syst_type': 'Test Type'}} ftp_capability = ftp.ftp(options) srv = StreamServer(('0.0.0.0', 0), ftp_capability.handle_session) srv.start() ftp_client = FTP() ftp_client.connect('127.0.0.1', srv.server_port, 1) # expect perm exception try: ftp_client.login('james', 'bond') response = ftp_client.getresp() # NOQA except ftplib.error_perm: pass srv.stop()
class HttpTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_connection(self): """ Tests if the capability is up, and sending HTTP 401 (Unauthorized) headers. """ # Use uncommon port so that you can run the test even if the Honeypot # is running. options = {'enabled': 'True', 'port': 0, 'users': {'test': 'test'}} cap = http.Http(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() client = httplib.HTTPConnection('127.0.0.1', srv.server_port) client.request('GET', '/') response = client.getresponse() self.assertEqual(response.status, 401) srv.stop()
class FtpTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_login(self): """Testing different login combinations""" options = {'enabled': 'True', 'port': 0, 'banner': 'Test Banner', 'users': {'test': 'test'}, 'protocol_specific_data': {'max_attempts': 3, 'banner': 'test banner', 'syst_type': 'Test Type'}} ftp_capability = ftp.ftp(options) srv = StreamServer(('0.0.0.0', 0), ftp_capability.handle_session) srv.start() ftp_client = FTP() ftp_client.connect('127.0.0.1', srv.server_port, 1) # expect perm exception try: ftp_client.login('james', 'bond') response = ftp_client.getresp() except ftplib.error_perm: pass srv.stop()
class FtpTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_login(self): """Testing different login combinations""" def ftp_login(): ftp_client = FTP() ftp_client.connect('127.0.0.1', 8888, 1) # expect perm exception try: ftp_client.login('james', 'bond') _ = ftp_client.getresp() # NOQA except ftplib.error_perm: ftp_client.quit() options = { 'enabled': 'True', 'port': 0, 'banner': 'Test Banner', 'users': { 'test': 'test' }, 'protocol_specific_data': { 'max_attempts': 3, 'banner': 'test banner', 'syst_type': 'Test Type' } } ftp_capability = ftp.ftp(options, self.loop) server_coro = asyncio.start_server(ftp_capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) ftp_task = self.loop.run_in_executor(None, ftp_login) self.loop.run_until_complete(ftp_task)
class TelnetTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_invalid_login(self): """Tests if telnet server responds correctly to a invalid login attempt.""" def telnet_login(): client = telnetlib.Telnet('localhost', 2503) # set this to 1 if having problems with this test client.set_debuglevel(0) # this disables all command negotiation. client.set_option_negotiation_callback(self.cb) # Expect username as first output reply = client.read_until(b'Username: '******'Username: '******'someuser' + b'\r\n') reply = client.read_until(b'Password: '******'Password: '******'somepass' + b'\r\n') reply = client.read_until(b'\n', 5) self.assertTrue(b'\n' in reply) client.close() options = {'enabled': 'True', 'port': 2503, 'protocol_specific_data': {'max_attempts': 3}, 'users': {'test': 'test'}} telnet_cap = telnet.Telnet(options, self.loop) server_coro = asyncio.start_server(telnet_cap.handle_session, '0.0.0.0', 2503, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) telnet_task = self.loop.run_in_executor(None, telnet_login) self.loop.run_until_complete(telnet_task) def cb(self, socket, command, option): return
class MySQLTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_invalid_login(self): """Tests if mysql server responds correctly to a invalid login attempt.""" def mysql_login(): try: pymysql.connect( host="0.0.0.0", port=8306, user="******", password="******", db="testdb") except pymysql.err.OperationalError as e: return e return None options = {'enabled': 'True', 'port': 8306} mysql_cap = mysql.MySQL(options, self.loop) server_coro = asyncio.start_server( mysql_cap.handle_session, '0.0.0.0', 8306, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) mysql_task = self.loop.run_in_executor(None, mysql_login) login_exception = self.loop.run_until_complete(mysql_task) self.assertIsInstance(login_exception, pymysql.err.OperationalError) self.assertEqual( str(login_exception), '(1045, "Access denied for user \'tuser\'@\'127.0.0.1\' (using password: YES)")' ) def cb(self, socket, command, option): return
class MySQLTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_invalid_login(self): """Tests if mysql server responds correctly to a invalid login attempt.""" def mysql_login(): try: pymysql.connect(host="0.0.0.0", port=8306, user="******", password="******", db="testdb") except pymysql.err.OperationalError as e: return e return None options = {'enabled': 'True', 'port': 8306} mysql_cap = mysql.MySQL(options, self.loop) server_coro = asyncio.start_server( mysql_cap.handle_session, '0.0.0.0', 8306, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) mysql_task = self.loop.run_in_executor(None, mysql_login) login_exception = self.loop.run_until_complete(mysql_task) self.assertIsInstance(login_exception, pymysql.err.OperationalError) self.assertEqual( str(login_exception), '(1045, "Access denied for user \'tuser\'@\'127.0.0.1\' (using password: YES)")' ) def cb(self, socket, command, option): return
class VncTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_vnc_authentication(self): async def vnc_auth(): reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # server rfb version _ = await reader.readline() writer.write(RFB_VERSION) # available auth methods _ = await reader.read(1024) writer.write(VNC_AUTH) # challenge _ = await reader.read(1024) # Pretending, that we encrypt received challenge with DES and send back the result. client_response = os.urandom(16) writer.write(client_response) # security result _ = await reader.read(1024) options = {'enabled': 'True', 'port': 8888, 'timeout': 30} capability = Vnc(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(vnc_auth())
class Socks5Tests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_socks_authentication(self): async def socks_auth(): reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # Greeting to the server. version+authmethod number+authmethod client_greeting = socks.SOCKS_VERSION + b"\x01" + socks.AUTH_METHOD writer.write(client_greeting) # Receive version+chosen authmethod _ = await reader.read(2) # Send credentials. # version+username len+username+password len+password credentials = b"\x05\x08username\x08password" writer.write(credentials) # Receive authmethod+\xff res = await reader.read(2) self.assertEqual(res, socks.AUTH_METHOD + socks.SOCKS_FAIL) options = {'enabled': 'True', 'port': 8888, 'timeout': 30} capability = socks.Socks5(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '127.0.0.1', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(socks_auth())
class Pop3Tests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_login(self): """Testing different login combinations""" async def pop3_login(): login_sequences = [ # invalid login, invalid password (('USER wakkwakk', b'+OK User accepted'), ('PASS wakkwakk', b'-ERR Authentication failed.')), # PASS without user (('PASS bond', b'-ERR No username given.'),), # Try to run a TRANSACITON state command in AUTHORIZATION state (('RETR', b'-ERR Unknown command'),), ] for sequence in login_sequences: reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # skip banner await reader.readline() for pair in sequence: writer.write(bytes(pair[0] + "\r\n", 'utf-8')) response = await reader.readline() self.assertEqual(response.rstrip(), pair[1]) options = {'port': 110, 'protocol_specific_data': {'max_attempts': 3}, 'users': {'james': 'bond'}} sut = Pop3(options, self.loop) server_coro = asyncio.start_server(sut.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(pop3_login())
class TelnetTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_invalid_login(self): """Tests if telnet server responds correctly to a invalid login attempt.""" # initialize capability and start tcp server options = { 'enabled': 'True', 'port': 2503, 'protocol_specific_data': { 'max_attempts': 3 }, 'users': { 'test': 'test' } } cap = telnet.Telnet(options) server = StreamServer(('0.0.0.0', 2503), cap.handle_session) server.start() client = telnetlib.Telnet('localhost', 2503) # set this to 1 if having problems with this test client.set_debuglevel(0) # this disables all command negotiation. client.set_option_negotiation_callback(self.cb) # Expect username as first output reply = client.read_until('Username: '******'Username: '******'someuser' + '\r\n') reply = client.read_until('Password: '******'Password: '******'somepass' + '\r\n') reply = client.read_until('Invalid username/password', 5) self.assertTrue('Invalid username/password' in reply) server.stop() def cb(self, socket, command, option): return
class PostgreSQLTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_invalid_login(self): """Tests if postgres server responds correctly to a invalid login attempt.""" def postgresql_login(): try: psycopg2.connect("postgres://*****:*****@0.0.0.0:2504/") except psycopg2.OperationalError as e: return e return None options = {'enabled': 'True', 'port': 2504} postgresql_cap = postgresql.PostgreSQL(options, self.loop) server_coro = asyncio.start_server(postgresql_cap.handle_session, '0.0.0.0', 2504, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) postgresql_task = self.loop.run_in_executor(None, postgresql_login) login_exception = self.loop.run_until_complete(postgresql_task) self.assertIsInstance(login_exception, psycopg2.OperationalError) self.assertEqual( str(login_exception), 'FATAL: password authentication failed for user "scott"\n') def cb(self, socket, command, option): return
class VncTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_vnc_authentication(self): async def vnc_auth(): reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # server rfb version _ = await reader.readline() writer.write(RFB_VERSION) # available auth methods _ = await reader.read(1024) writer.write(VNC_AUTH) # challenge _ = await reader.read(1024) # Pretending, that we encrypt received challenge with DES and send back the result. client_response = os.urandom(16) writer.write(client_response) # security result _ = await reader.read(1024) options = {'enabled': 'True', 'port': 8888, 'timeout': 30} capability = Vnc(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(vnc_auth())
class Socks5Tests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_socks_authentication(self): async def socks_auth(): reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # Greeting to the server. version+authmethod number+authmethod client_greeting = socks.SOCKS_VERSION + b"\x01" + socks.AUTH_METHOD writer.write(client_greeting) # Receive version+chosen authmethod _ = await reader.read(2) # Send credentials. # version+username len+username+password len+password credentials = b"\x05\x08username\x08password" writer.write(credentials) # Receive authmethod+\xff res = await reader.read(2) self.assertEqual(res, socks.AUTH_METHOD + socks.SOCKS_FAIL) options = {'enabled': 'True', 'port': 8888, 'timeout': 30} capability = socks.Socks5(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '127.0.0.1', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(socks_auth())
class SshTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_basic_login(self): async def run_client(): async with asyncssh.connect('localhost', port=8888, username='******', password='******', known_hosts=None, loop=self.loop) as _: pass ssh_key_file = 'ssh.key' SSH.generate_ssh_key(ssh_key_file) options = {'enabled': 'True', 'port': 8888} server_coro = asyncssh.create_server(lambda: SSH(options, self.loop), '0.0.0.0', 8888, server_host_keys=['ssh.key'], loop=self.loop) self.server = self.loop.run_until_complete(server_coro) try: self.loop.run_until_complete(run_client()) except asyncssh.Error: pass
class SshTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_basic_login(self): options = {'port': 0} sut = SSH(options) server = StreamServer(('127.0.0.1', 0), sut.handle_session) server.start() client = SSHClient() client.set_missing_host_key_policy(AutoAddPolicy()) with self.assertRaises(AuthenticationException): client.connect('127.0.0.1', server.server_port, 'someuser', 'somepassword') server.stop()
class FtpTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_login(self): """Testing different login combinations""" def ftp_login(): ftp_client = FTP() ftp_client.connect('127.0.0.1', 8888, 1) # expect perm exception try: ftp_client.login('james', 'bond') _ = ftp_client.getresp() # NOQA except ftplib.error_perm: ftp_client.quit() options = {'enabled': 'True', 'port': 0, 'banner': 'Test Banner', 'users': {'test': 'test'}, 'protocol_specific_data': {'max_attempts': 3, 'banner': 'test banner', 'syst_type': 'Test Type'}} ftp_capability = ftp.ftp(options, self.loop) server_coro = asyncio.start_server(ftp_capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) ftp_task = self.loop.run_in_executor(None, ftp_login) self.loop.run_until_complete(ftp_task)
class TelnetTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_invalid_login(self): """Tests if telnet server responds correctly to a invalid login attempt.""" # initialize capability and start tcp server options = {'enabled': 'True', 'port': 2503, 'protocol_specific_data': {'max_attempts': 3}, 'users': {'test': 'test'}} cap = telnet.Telnet(options) server = StreamServer(('0.0.0.0', 2503), cap.handle_session) server.start() client = telnetlib.Telnet('localhost', 2503) # set this to 1 if having problems with this test client.set_debuglevel(0) # this disables all command negotiation. client.set_option_negotiation_callback(self.cb) # Expect username as first output reply = client.read_until('Username: '******'Username: '******'someuser' + '\r\n') reply = client.read_until('Password: '******'Password: '******'somepass' + '\r\n') reply = client.read_until('Invalid username/password', 5) self.assertTrue('Invalid username/password' in reply) server.stop() def cb(self, socket, command, option): return
class HttpTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_connection(self): """ Tests if the capability is up, and sending HTTP 401 (Unauthorized) headers. """ def http_request(): client = httpclient.HTTPConnection('127.0.0.1', 8888) client.request('GET', '/') response = client.getresponse() self.assertEqual(response.status, 401) options = {'enabled': 'True', 'port': 8888, 'users': {'test': 'test'}} http_cap = http.Http(options, self.loop) server_coro = asyncio.start_server(http_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) http_task = self.loop.run_in_executor(None, http_request) self.loop.run_until_complete(http_task)
class SshTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_basic_login(self): async def run_client(): async with asyncssh.connect('localhost', port=8888, username='******', password='******', known_hosts=None, loop=self.loop) as _: pass ssh_key_file = 'ssh.key' SSH.generate_ssh_key(ssh_key_file) options = {'enabled': 'True', 'port': 8888} server_coro = asyncssh.create_server(lambda: SSH(options, self.loop), '0.0.0.0', 8888, server_host_keys=['ssh.key'], loop=self.loop) self.server = self.loop.run_until_complete(server_coro) try: self.loop.run_until_complete(run_client()) except asyncssh.Error: pass
class HttpTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_connection(self): """ Tests if the capability is up, and sending HTTP 401 (Unauthorized) headers. """ def http_request(): client = httpclient.HTTPConnection('127.0.0.1', 8888) client.request('GET', '/') response = client.getresponse() self.assertEqual(response.status, 401) options = {'enabled': 'True', 'port': 8888, 'users': {'test': 'test'}} http_cap = http.Http(options, self.loop) server_coro = asyncio.start_server(http_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) http_task = self.loop.run_in_executor(None, http_request) self.loop.run_until_complete(http_task)
class ZmqTests(unittest.TestCase): def setUp(self): self.test_running = True self.zmq_server_listning_event = gevent.event.Event() self.testing_queue = gevent.queue.Queue() self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.test_running = False self.reportingRelay.stop() def test_connect(self): """Tests that we can connect and send data to a zmq puller""" # start dummy ZMQ pull server gevent.spawn(self._start_zmq_puller) self.zmq_server_listning_event.wait(5) # our local zmq logger zmq_url = 'tcp://localhost:{0}'.format(self.zmq_tcp_port) client_public_key = "N[DC7+%FKdW3pJUPnaCwWxt-0/jo5Lrq&U28-GG}" client_secret_key = "Gwt%C0a8J/:9Jy$qpDNTy8wRzlnRD-HT8H>u7F{B" server_public_key = "^4b:-bZ8seRC+m2p(sg{7{skOuK*jInNeH^/Le}Q" zmqLogger = ZmqLogger(zmq_url, client_public_key, client_secret_key, server_public_key) zmqLogger.start() # inject some data into the logging relay singleton self.reportingRelay.queueLogData({'somekey': 'somedata'}) # wait until the zmq server put something into the local testing queue received_data = self.testing_queue.get(5) received_data = received_data.split(' ', 1) topic, message = received_data[0], jsonapi.loads(received_data[1]) self.assertEqual(topic, ZmqMessageTypes.HERALDING_AUTH_LOG.value) self.assertIn('somekey', message) self.assertEqual(message['somekey'], 'somedata') def _start_zmq_puller(self): context = zmq.Context() # Authenticator runs in different greenlet. auth = GreenThreadAuthenticator(context) auth.start() auth.allow('127.0.0.1') auth.configure_curve(domain='*', location='heralding/tests/zmq_public_keys') # Bind our mock zmq pull server socket = context.socket(zmq.PULL) socket.curve_secretkey = "}vxNPm8lOJT1yvqu7-A<m<w>7OZ1ok<d?Qbq+a?5" socket.curve_server = True self.zmq_tcp_port = socket.bind_to_random_port('tcp://*', min_port=40000, max_port=50000, max_tries=10) # Poll and wait for data from test client poller = zmq.Poller() poller.register(socket, zmq.POLLIN) # Need to notify test client that the server is ready self.zmq_server_listning_event.set() while self.test_running: socks = dict(poller.poll()) if socket in socks and socks[socket] == zmq.POLLIN: data = socket.recv() self.testing_queue.put(data) socket.close()
class ImapTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_LOGIN(self): """Testing different login combinations using simple login auth mechanism.""" def imap_login(): login_sequences = [('kajoj_admin', 'thebestpassword'), ('\"kajoj_admin\"', 'the best password')] imap_obj = imaplib.IMAP4('127.0.0.1', port=8888) for sequence in login_sequences: with self.assertRaises(imaplib.IMAP4.error) as error: imap_obj.login(sequence[0], sequence[1]) imap_exception = error.exception self.assertEqual(imap_exception.args[0], b'Authentication failed') imap_obj.logout() options = { 'enabled': 'True', 'port': 143, 'timeout': 30, 'protocol_specific_data': { 'max_attempts': 3, 'banner': '* OK IMAP4rev1 Server Ready' } } capability = Imap(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) imap_task = self.loop.run_in_executor(None, imap_login) self.loop.run_until_complete(imap_task) def test_AUTHENTICATE_PLAIN(self): """Testing different login combinations using plain auth mechanism.""" def imap_authenticate(): # imaplib in Python 3.5.3 and higher returns str representation of auth failure # But imaplib in Python 3.5.2 and lower returns bytes. # This is a sad hack to get around this problem. pyversion = sys.version_info[:3] if pyversion < (3, 5, 3): auth_failure_msg = b'Authentication failed' else: auth_failure_msg = 'Authentication failed' login_sequences = [ ('\0kajoj_admin\0thebestpassword', auth_failure_msg), ('\0пайтон\0наилучшийпароль', auth_failure_msg), ('kajoj_admin\0the best password', 'AUTHENTICATE command error: BAD [b\'invalid command\']') ] imap_obj = imaplib.IMAP4('127.0.0.1', port=8888) for sequence in login_sequences: with self.assertRaises(imaplib.IMAP4.error) as error: imap_obj.authenticate('PLAIN', lambda x: sequence[0]) imap_exception = error.exception self.assertEqual(imap_exception.args[0], sequence[1]) imap_obj.logout() options = { 'enabled': 'True', 'port': 143, 'timeout': 30, 'protocol_specific_data': { 'max_attempts': 3, 'banner': '* OK IMAP4rev1 Server Ready' } } capability = Imap(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) imap_task = self.loop.run_in_executor(None, imap_authenticate) self.loop.run_until_complete(imap_task)
class SmtpTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_connection(self): """ Tries to connect and run a EHLO command. Very basic test. """ def smtp_connection(): smtp_ = smtplib.SMTP('127.0.0.1', 8888, local_hostname='localhost', timeout=15) smtp_.ehlo() smtp_.quit() # Use uncommon port so that we can run test even if the Honeypot is running. options = { 'enabled': 'True', 'port': 8888, 'protocol_specific_data': { 'banner': 'test' }, 'users': { 'test': 'test' }, } smtp_cap = smtp.smtp(options, self.loop) server_coro = asyncio.start_server(smtp_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) smtp_task = self.loop.run_in_executor(None, smtp_connection) self.loop.run_until_complete(smtp_task) def test_AUTH_CRAM_MD5_reject(self): """ Makes sure the server rejects all invalid login attempts that use the CRAM-MD5 Authentication method. """ def encode_cram_md5(challenge, user, password): challenge = base64.decodebytes(challenge) response = user + b' ' + bytes( hmac.HMAC(password, challenge, digestmod="md5").hexdigest(), 'utf-8') return str(base64.b64encode(response), 'utf-8') def smtp_auth_cram_md5(): smtp_ = smtplib.SMTP('127.0.0.1', 8888, local_hostname='localhost', timeout=15) _, resp = smtp_.docmd('AUTH', 'CRAM-MD5') code, resp = smtp_.docmd(encode_cram_md5(resp, b'test', b'test')) smtp_.quit() # For now, the server's going to return a 535 code. self.assertEqual(code, 535) options = { 'enabled': 'True', 'port': 8888, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } smtp_cap = smtp.smtp(options, self.loop) server_coro = asyncio.start_server(smtp_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) smtp_task = self.loop.run_in_executor(None, smtp_auth_cram_md5) self.loop.run_until_complete(smtp_task) def test_AUTH_PLAIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the PLAIN Authentication method. """ def smtp_auth_plain_reject(): smtp_ = smtplib.SMTP('127.0.0.1', 8888, local_hostname='localhost', timeout=15) arg = bytes('\0{0}\0{1}'.format('test', 'test'), 'utf-8') code, _ = smtp_.docmd( 'AUTH', 'PLAIN ' + str(base64.b64encode(arg), 'utf-8')) smtp_.quit() self.assertEqual(code, 535) options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } smtp_cap = smtp.smtp(options, self.loop) server_coro = asyncio.start_server(smtp_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) smtp_task = self.loop.run_in_executor(None, smtp_auth_plain_reject) self.loop.run_until_complete(smtp_task) def test_AUTH_LOGIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the LOGIN Authentication method. """ def smtp_auth_login_reject(): smtp_ = smtplib.SMTP('127.0.0.1', 8888, local_hostname='localhost', timeout=15) smtp_.docmd('AUTH', 'LOGIN') smtp_.docmd(str(base64.b64encode(b'test'), 'utf-8')) code, _ = smtp_.docmd(str(base64.b64encode(b'test'), 'utf-8')) smtp_.quit() self.assertEqual(code, 535) options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } smtp_cap = smtp.smtp(options, self.loop) server_coro = asyncio.start_server(smtp_cap.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) smtp_task = self.loop.run_in_executor(None, smtp_auth_login_reject) self.loop.run_until_complete(smtp_task)
class Pop3Tests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_initial_session(self): """Tests if the basic parts of the session is filled correctly""" options = {'port': 110, 'protocol_specific_data': {'max_attempts': 3}} sut = Pop3(options) # dont really care about the socket at this point (None...) # TODO: mock the socket! try: sut.handle_session(None, ['192.168.1.200', 12000]) except AttributeError: # because socket is not set pass # TODO: Bind to SERVER_RELAY and assert that we get messages as expected # self.assertEqual(0, len(sut.sessions)) # session = sut.sessions.values()[0] # self.assertEqual('pop3', session.protocol) # self.assertEquals('192.168.1.200', session.source_ip) # self.assertEqual(12000, session.source_port) def test_login(self): """Testing different login combinations""" login_sequences = [ # invalid login, invalid password (('USER wakkwakk', '+OK User accepted'), ('PASS wakkwakk', '-ERR Authentication failed.')), # PASS without user (('PASS bond', '-ERR No username given.'),), # Try to run a TRANSACITON state command in AUTHORIZATION state (('RETR', '-ERR Unknown command'),), ] options = {'port': 110, 'protocol_specific_data': {'max_attempts': 3}, 'users': {'james': 'bond'}} sut = Pop3(options) server = StreamServer(('127.0.0.1', 0), sut.handle_session) server.start() for sequence in login_sequences: client = gevent.socket.create_connection(('127.0.0.1', server.server_port)) fileobj = client.makefile() # skip banner fileobj.readline() for pair in sequence: client.sendall(pair[0] + "\r\n") response = fileobj.readline().rstrip() self.assertEqual(response, pair[1]) server.stop()
class RDPTests(unittest.TestCase): def create_cert_if_not_exists(self, pem_file): if not os.path.isfile(pem_file): cert, key = generate_self_signed_cert("US", "None", "None", "None", "None", "*", 365, 0) with open(pem_file, 'wb') as _pem_file: _pem_file.write(cert) _pem_file.write(key) def rdp_connect(self, ip_addr, port): s = socket.socket() s.connect((ip_addr, port)) s.sendall(RDPClient.ConnectionRequestPDU()) s.recv(1024) tls = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_TLSv1_1) tls.sendall(RDPClient.ClientDataPDU()) tls.recv(4096) tls.send(RDPClient.ErectDomainRequest()) tls.sendall(RDPClient.AttactUserRequest()) tls.recv(512) tls.sendall(RDPClient.ChannelJoinRequest(1007)) tls.recv(1024) tls.sendall(RDPClient.ChannelJoinRequest(1003)) tls.recv(1024) tls.sendall(RDPClient.ClientInfoPDU()) res = b'' res = tls.recv(512) if res != b'': return False return True def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_invalid_login(self): """Tests if rdp server responds correctly to a invalid login attempt.""" def rdp_login(): try: res = self.rdp_connect('0.0.0.0', 8389) except Exception as e: print("+++EXCEPTION+++ \n", e) return e return res options = { "enabled": "True", "port": 3389, "protocol_specific_data": { "banner": "", "cert": { "common_name": "*", "country": "US", "state": "None", "locality": "None", "organization": "None", "organizational_unit": "None", "valid_days": 365, "serial_number": 0 } } } rdp_cap = rdp.RDP(options, self.loop) self.create_cert_if_not_exists('rdp.pem') server_coro = asyncio.start_server(rdp_cap.handle_session, '0.0.0.0', 8389, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) rdp_task = self.loop.run_in_executor(None, rdp_login) login_res = self.loop.run_until_complete(rdp_task) self.assertEqual(True, login_res)
class ImapTests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor(None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.close() def test_LOGIN(self): """Testing different login combinations using simple login auth mechanism.""" def imap_login(): login_sequences = [ ('kajoj_admin', 'thebestpassword'), ('\"kajoj_admin\"', 'the best password') ] imap_obj = imaplib.IMAP4('127.0.0.1', port=8888) for sequence in login_sequences: with self.assertRaises(imaplib.IMAP4.error) as error: imap_obj.login(sequence[0], sequence[1]) imap_exception = error.exception self.assertEqual(imap_exception.args[0], b'Authentication failed') imap_obj.logout() options = {'enabled': 'True', 'port': 143, 'timeout': 30, 'protocol_specific_data': {'max_attempts': 3, 'banner': '* OK IMAP4rev1 Server Ready'}} capability = Imap(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) imap_task = self.loop.run_in_executor(None, imap_login) self.loop.run_until_complete(imap_task) def test_AUTHENTICATE_PLAIN(self): """Testing different login combinations using plain auth mechanism.""" def imap_authenticate(): # imaplib in Python 3.5.3 and higher returns str representation of auth failure # But imaplib in Python 3.5.2 and lower returns bytes. # This is a sad hack to get around this problem. pyversion = sys.version_info[:3] if pyversion < (3, 5, 3): auth_failure_msg = b'Authentication failed' else: auth_failure_msg = 'Authentication failed' login_sequences = [ ('\0kajoj_admin\0thebestpassword', auth_failure_msg), ('\0пайтон\0наилучшийпароль', auth_failure_msg), ('kajoj_admin\0the best password', 'AUTHENTICATE command error: BAD [b\'invalid command\']') ] imap_obj = imaplib.IMAP4('127.0.0.1', port=8888) for sequence in login_sequences: with self.assertRaises(imaplib.IMAP4.error) as error: imap_obj.authenticate('PLAIN', lambda x: sequence[0]) imap_exception = error.exception self.assertEqual(imap_exception.args[0], sequence[1]) imap_obj.logout() options = {'enabled': 'True', 'port': 143, 'timeout': 30, 'protocol_specific_data': {'max_attempts': 3, 'banner': '* OK IMAP4rev1 Server Ready'}} capability = Imap(options, self.loop) server_coro = asyncio.start_server(capability.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) imap_task = self.loop.run_in_executor(None, imap_authenticate) self.loop.run_until_complete(imap_task)
class SmtpTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_connection(self): """ Tries to connect and run a EHLO command. Very basic test. """ # Use uncommon port so that we can run test even if the Honeypot is running. options = {'enabled': 'True', 'port': 0, 'protocol_specific_data': {'banner': 'test'}, 'users': {'test': 'test'},} cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) smtp_.ehlo() smtp_.quit() srv.stop() def test_AUTH_CRAM_MD5_reject(self): """ Makes sure the server rejects all invalid login attempts that use the CRAM-MD5 Authentication method. """ options = {'enabled': 'True', 'port': 0, 'protocol_specific_data': {'banner': 'Test'}, 'users': {'someguy': 'test'}} cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() def encode_cram_md5(challenge, user, password): challenge = base64.decodestring(challenge) response = user + ' ' + hmac.HMAC(password, challenge).hexdigest() return base64.b64encode(response) smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) _, resp = smtp_.docmd('AUTH', 'CRAM-MD5') code, resp = smtp_.docmd(encode_cram_md5(resp, 'test', 'test')) # For now, the server's going to return a 535 code. self.assertEqual(code, 535) srv.stop() def test_AUTH_PLAIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the PLAIN Authentication method. """ options = {'enabled': 'True', 'port': 0, 'protocol_specific_data': {'banner': 'Test'}, 'users': {'someguy': 'test'}} cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) arg = '\0%s\0%s' % ('test', 'test') code, resp = smtp_.docmd('AUTH', 'PLAIN ' + base64.b64encode(arg)) self.assertEqual(code, 535) srv.stop() def test_AUTH_LOGIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the LOGIN Authentication method. """ options = {'enabled': 'True', 'port': 0, 'protocol_specific_data': {'banner': 'Test'}, 'users': {'someguy': 'test'}} cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) smtp_.docmd('AUTH', 'LOGIN') smtp_.docmd(base64.b64encode('test')) code, resp = smtp_.docmd(base64.b64encode('test')) self.assertEqual(code, 535) srv.stop()
class Pop3Tests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_initial_session(self): """Tests if the basic parts of the session is filled correctly""" options = {'port': 110, 'protocol_specific_data': {'max_attempts': 3}} sut = Pop3(options) # dont really care about the socket at this point (None...) # TODO: mock the socket! try: sut.handle_session(None, ['192.168.1.200', 12000]) except AttributeError: # because socket is not set pass # TODO: Bind to SERVER_RELAY and assert that we get messages as expected # self.assertEqual(0, len(sut.sessions)) # session = sut.sessions.values()[0] # self.assertEqual('pop3', session.protocol) # self.assertEquals('192.168.1.200', session.source_ip) # self.assertEqual(12000, session.source_port) def test_login(self): """Testing different login combinations""" login_sequences = [ # invalid login, invalid password (('USER wakkwakk', '+OK User accepted'), ('PASS wakkwakk', '-ERR Authentication failed.')), # PASS without user ( ('PASS bond', '-ERR No username given.'), ), # Try to run a TRANSACITON state command in AUTHORIZATION state ( ('RETR', '-ERR Unknown command'), ), ] options = { 'port': 110, 'protocol_specific_data': { 'max_attempts': 3 }, 'users': { 'james': 'bond' } } sut = Pop3(options) server = StreamServer(('127.0.0.1', 0), sut.handle_session) server.start() for sequence in login_sequences: client = gevent.socket.create_connection( ('127.0.0.1', server.server_port)) fileobj = client.makefile() # skip banner fileobj.readline() for pair in sequence: client.sendall(pair[0] + "\r\n") response = fileobj.readline().rstrip() self.assertEqual(response, pair[1]) server.stop()
class SmtpTests(unittest.TestCase): def setUp(self): self.reportingRelay = ReportingRelay() self.reportingRelay.start() def tearDown(self): self.reportingRelay.stop() def test_connection(self): """ Tries to connect and run a EHLO command. Very basic test. """ # Use uncommon port so that we can run test even if the Honeypot is running. options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'test' }, 'users': { 'test': 'test' }, } cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) smtp_.ehlo() smtp_.quit() srv.stop() def test_AUTH_CRAM_MD5_reject(self): """ Makes sure the server rejects all invalid login attempts that use the CRAM-MD5 Authentication method. """ options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() def encode_cram_md5(challenge, user, password): challenge = base64.decodestring(challenge) response = user + ' ' + hmac.HMAC(password, challenge).hexdigest() return base64.b64encode(response) smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) _, resp = smtp_.docmd('AUTH', 'CRAM-MD5') code, resp = smtp_.docmd(encode_cram_md5(resp, 'test', 'test')) # For now, the server's going to return a 535 code. self.assertEqual(code, 535) srv.stop() def test_AUTH_PLAIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the PLAIN Authentication method. """ options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) arg = '\0%s\0%s' % ('test', 'test') code, resp = smtp_.docmd('AUTH', 'PLAIN ' + base64.b64encode(arg)) self.assertEqual(code, 535) srv.stop() def test_AUTH_LOGIN_reject(self): """ Makes sure the server rejects all invalid login attempts that use the LOGIN Authentication method. """ options = { 'enabled': 'True', 'port': 0, 'protocol_specific_data': { 'banner': 'Test' }, 'users': { 'someguy': 'test' } } cap = smtp.smtp(options) srv = StreamServer(('0.0.0.0', 0), cap.handle_session) srv.start() smtp_ = smtplib.SMTP('127.0.0.1', srv.server_port, local_hostname='localhost', timeout=15) smtp_.docmd('AUTH', 'LOGIN') smtp_.docmd(base64.b64encode('test')) code, resp = smtp_.docmd(base64.b64encode('test')) self.assertEqual(code, 535) srv.stop()
class Pop3Tests(unittest.TestCase): def setUp(self): self.loop = asyncio.new_event_loop() asyncio.set_event_loop(None) self.reporting_relay = ReportingRelay() self.reporting_relay_task = self.loop.run_in_executor( None, self.reporting_relay.start) def tearDown(self): self.reporting_relay.stop() # We give reporting_relay a chance to be finished self.loop.run_until_complete(self.reporting_relay_task) self.server.close() self.loop.run_until_complete(self.server.wait_closed()) self.loop.run_until_complete(cancel_all_pending_tasks(self.loop)) self.loop.close() def test_login(self): """Testing different login combinations""" async def pop3_login(): login_sequences = [ # invalid login, invalid password (('USER wakkwakk', b'+OK User accepted'), ('PASS wakkwakk', b'-ERR Authentication failed.')), # PASS without user ( ('PASS bond', b'-ERR No username given.'), ), # Try to run a TRANSACITON state command in AUTHORIZATION state ( ('RETR', b'-ERR Unknown command'), ), ] for sequence in login_sequences: reader, writer = await asyncio.open_connection('127.0.0.1', 8888, loop=self.loop) # skip banner await reader.readline() for pair in sequence: writer.write(bytes(pair[0] + "\r\n", 'utf-8')) response = await reader.readline() self.assertEqual(response.rstrip(), pair[1]) options = { 'port': 110, 'protocol_specific_data': { 'max_attempts': 3 }, 'users': { 'james': 'bond' } } sut = Pop3(options, self.loop) server_coro = asyncio.start_server(sut.handle_session, '0.0.0.0', 8888, loop=self.loop) self.server = self.loop.run_until_complete(server_coro) self.loop.run_until_complete(pop3_login())